Most ad fraud doesn't involve bots any more

Fifteen years ago, when the dominant form of digital ads was "banner ads" on websites, the dominant form of ad fraud was bot traffic -- fake users visiting sites to cause ads to load. AppNexus famously purged 92% of their own inventory (from 260 billion impressions per month to 20 billion per month) because the fraud was SO obvious, even they could tell, without any other fraud verification. But today, most ad fraud doesn't involve fake traffic to websites -- i.e. bots -- any more. Legacy fraud verification vendors' tech is tuned for looking for IVT ("invalid traffic") or bots. They are likely missing the majority of the fraud today.

Fraudulent sites might still use bot traffic to generate ad impressions to sell. But they will also use other techniques to multiply their own revenue. For example, sticking 100 ads in the same ad slot means they can make 100X more money when the page loads. Fraudulent sites might also stick 100 ad slots on the page instead of 4 or 5. Fake sites or unscrupulous ones might also refresh the ad slot every 1 second, because it technically meets the MRC requirement of a "viewable" ad. Why wait any longer than 1 second; the ad was not meant to be seen by humans anyway. Pixel stuffing is where the ad is stuffed in an iframe that is 1x1 pixels in dimension, or 0x0. Forced redirects means the page moves to another page after 1 second, etc. This multiplies the pageviews that the site has to offer, and therefore the ad impressions.

All of these are fraud techniques that multiply the ad revenue of the bad actor -- e.g. MFA ("made for advertising") sites. Virtually none of these are caught by the legacy verification vendors. Even if they were looking for these forms of fraud (not sure they are) and measuring with a javascript tag (they usually measure only 1 in 10), they may still not catch these because their tags are in individual ads, and can't look across impressions on the same page or same site. In other words, they're going to miss detecting most of this.

In FouAnalytics, type any of the following parameter names in the filter bar and click [FILTER].

• page-frame-count -- tells you how many iframes are on the page
• page-frame-list -- shows you the list of frames, along with the size and domain in the iframe
• page-ad-count -- is the number of iframes that contain ads (domain is an ad serving domain)

In the raw data below (from FouAnalytics), how many ads do you see? The number in front of the # is the pixel width and height of the iframe. The domain after the # tells you what was loaded into the iframe.

728x90#google 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x250#google 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 300x250#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 300x250#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 300x250#google 300x250#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 300x250#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 728x90#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 0x0# 0x0#s.amazon-adsystem.com 0x0#7c37d7597f0e1c0a0f5b970f086d3055.safeframe.googlesyndication.com 0x0#google-bidout-d.openx.net 0x0#gum.criteo.com 0x0#google-bidout-d.openx.net 0x0#widgets.outbrain.com 0x0#widgets.outbrain.com 0x0#eb2.3lift.com 0x0#acdn.adnxs.com 0x0#ads.pubmatic.com 0x0#acdn.adnxs.com 0x0#sync.cootlogix.com 0x0#sync.cootlogix.com 0x0#eus.rubiconproject.com 0x0#match.adsrvr.org 0x0#creativecdn.com 0x0#sync.mathtag.com 0x0#ap.lijit.com 0x0#jp-u.openx.net 0x0#cm.g.doubleclick.net 0x0#sync.cootlogix.com 0x0#eb2.3lift.com 0x0#sdk.minutemedia-prebid.com 0x0#ads.pubmatic.com 0x0#sdk.streamrail.com 0x0#eb2.3lift.com 0x0#js-sec.indexww.com 0x0#sync-tm.everesttech.net 0x0#sdk.minutemedia-prebid.com 0x0#sync.cootlogix.com 0x0#sync.adkernel.com 0x0#onetag-sys.com 0x0#js-sec.indexww.com 0x0#ap.lijit.com 0x0#jp-u.openx.net 0x0#sdk.streamrail.com 0x0#sync.cootlogix.com

In this example, I count 14 ads of normal sizes above -- 728x90, 300x250 ... Then you see a list of 0x0 iframes. Some of those are used for cookie sync, like "0x0#s.amazon-adsystem.com" or "0x0#sync.cootlogix.com". But others appear to be used for ads, like 0x0#ads.pubmatic.com, or content discovery widgets, like 0x0#widgets.outbrain.com. But I don't think humans can see the ad or the widget if it is in a 0x0 iframe, right?

In this slide from 2015, we observed many of these techniques, like ad stacking (sticking more than 1 ad in each ad slot), pixel stuffing (sticking ads in 0x0 dimension iframes), and iframing entire webpages (a way to deliver pageviews/traffic that passes legacy verification detection).

CTV fraud doesn't involve bots, just faked bid requests (no ads are even delivered)

Finally, there are no bots in CTV. Bots are fake users (automated browsers) that load webpages to cause ads to load. There are no bots in CTV. CTV fraud is committed when faked CTV bid requests are sent into the exchanges. They get bids, and one bid wins, but no ad is served. That's because python code (coding language), smart refrigerators, or even javascript code in ad slots are used to fabricate those fake CTV bid requests. Everything is faked, and no CTV ads were run. In FouAnalytics, we check if any ads were delivered, if any of those ads went to households (e.g. where the large screen TVs are connected), if there's any evidence of the ads going to streaming devices like AppleTV, Chromecast, Roku streaming sticks, etc.

Other forms of fraud in CTV again don't involve bots. For example, in a recent article:

"Six ad firms—including four that buy online ads and two whose technology helps sell ads—have told ADWEEK that they are limiting their clients’ exposure to streaming ads from Pluto TV.

They are worried that Pluto TV is taking advantage of programmatic auctions to sell more ads at higher prices. At the center of these concerns is a practice called bid duplication, where publishers and their tech partners send out multiple opportunities to buy a single ad.

Bid duplication tricks programmatic platforms into thinking a publisher has more scale than it really does. These ad-buying platforms use automation to buy ads from the publishers with the biggest audiences. While not illegal, bid duplication is a controversial practice. It can drive up ad prices because it causes more buyers to bid on a single ad, essentially increasing demand.

Pluto and its tech partners sent out 9.4 billion bid requests in a single day, 70X more, compared to 133 million for Tubi, 13X more than the 750 million for the Roku channel, and 9X more than the 1.3 billion each for Samsung and Vizio WatchFree+."

On a related note, most OLV ("online video") ads run with sound off, are not watched to completion (completion rates are falsified by fraudulent sites and apps). See: STOP buying OLV (video ads) NOW, until they clear this sh*t up Even if you don't consider this fraud, do you think these expensive ads actually drive any impact for you?

Further reading: https://www.dhirubhai.net/in/augustinefou/recent-activity/newsletter/